

WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon CloudFront distribution, Amazon API Gateway.

Some questions / answers from your comment. These are my own opinions and based on my own experience.

I know that I can turn off the 8kb request, but would it expose to security issue?

WAF won't prevent the security vulnerabilities it is designed to prevent when requests are larger than 8kb and the compromising part of the request is not in the first 8kb. I believe it is possible to circumvent WAF by "padding" the front of a request. For example, "padding" the front of a SQL injection attack (which would normally be blocked by WAF) with 8kb of no-op whitespace.

Also, yes I would like to know if it's possible to divide a file upload into several parts, each of which are 10mb or less so they fit through API Gateway and at the same time did not go more than 30s limitation?

You could, hypothetically, split arbitrary binary files into 9.9 MB chunks and send those chunks in separate HTTP requests over the network to something like a Lambda which is behind API Gateway and have Lambda deposit these chunks into an S3 bucket. Whenever you deposit a "chunk" the Lambda could check if you have received and stored all of the expected "chunks" in S3 already. If you have received all of the expected "chunks" then the Lambda could concatenate the chunks and put them into whatever file storage (presumably a separate S3 bucket) you want to use, and then delete the "chunks" in the original S3 bucket. Seems pretty stupid to go to all of that trouble but it's possible.
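The chunk flow described in this answer, as an added example that is not code from the post: plain dicts stand in for the two S3 buckets so it runs offline. The `ChunkAssembler` name, the `total` count sent with each chunk, and the whole-file SHA-256 digest check are assumptions introduced here.

```python
import hashlib

MAX_CHUNK = int(9.9 * 1024 * 1024)  # the answer's 9.9 MB per-request chunk size
MAX_PARTS = 10_000                  # assumed upper bound on chunks per upload


class ChunkAssembler:
    """Models the Lambda's logic; dicts replace S3 (assumption: no AWS calls)."""

    def __init__(self):
        self.staging = {}  # "chunk bucket": (upload_id, index) -> bytes
        self.final = {}    # "destination bucket": upload_id -> bytes

    def deposit(self, upload_id, index, total, data, sha256_hex):
        """Store one chunk; assemble once every expected chunk is present.

        Returns "stored" or "assembled"; raises ValueError on invalid input.
        """
        if not (0 < total <= MAX_PARTS and 0 <= index < total):
            raise ValueError("chunk index or total out of range")
        if len(data) > MAX_CHUNK:
            raise ValueError("chunk exceeds size limit")
        # A re-sent chunk overwrites the earlier copy, so retries are safe.
        self.staging[(upload_id, index)] = data

        keys = [(upload_id, i) for i in range(total)]
        if not all(k in self.staging for k in keys):
            return "stored"

        blob = b"".join(self.staging[k] for k in keys)
        if hashlib.sha256(blob).hexdigest() != sha256_hex:
            # Keep the chunks so the client can re-send the damaged one.
            raise ValueError("assembled file does not match declared digest")
        self.final[upload_id] = blob
        for k in keys:  # delete the chunks only after the final object exists
            del self.staging[k]
        return "assembled"


if __name__ == "__main__":
    # Constructed sample input: three small chunks arriving out of order.
    parts = [b"A" * 10, b"B" * 10, b"C" * 5]
    digest = hashlib.sha256(b"".join(parts)).hexdigest()
    asm = ChunkAssembler()
    for i in (2, 0, 1):
        print(i, asm.deposit("upload-1", i, len(parts), parts[i], digest))
```

In a real deployment two concurrent invocations can both see the last chunk arrive, so the assemble step would also need to be made idempotent or guarded by a lock.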
